Do Real-Time Operating Equipment (RTOSes) repeatedly provide the a lot of efficient platdevelop for realizing your embedded software system design? Many RTOS merchants seem to think so, generally citing RTOS benefits while hardly ever pointing out the disbenefits. Too often, the question "Do You Need an RTOS?" is taken,"Which RTOS Do You Need?"

WHO ARE WE? Software Technologies has built and sustained real-time operating systems (RTOSes) given that 1988. We have actually observed hardware and installed software innovations evolve and also have supported our customers with the design, advancement, integration, certification, deployment, and also support of software application systems throughout mission-important applications in AVIONICS, INDUSTRIAL, AUTOMOTIVE, UNMANNED SYSTEMS, DEFENSE, SECURE LAPTOPS, CRITICAL INFRASTRUCTURE, and also various other markets.

You are watching: You are most likely to find an rtos Software Technologies hasdeveloped and also supportedreal-time operating systemsfor safety- and security-critical applications since 1988. Year after year, however, we discover thatmany of the benefits our customers are seeking from an RTOS arenotspecifically RTOS benefits.After all, not all applications need real-time features, nor doall elements in a mechanism design need to be constructed with the same devices.

More importantly, tright here are broad system-level benefits that RTOSes themselves cannot regularly provide, includingsimplicity; higher openness; more powerful partitioning; and even more scalable determinism.Because of this, while tbelow are benefits to RTOSes,the most straightforward answer to the question, “Do You Almethods Need an RTOS?” is “No.”In fact, as soon as customers come to and say they desire to buy one of our RTOSes, one of the initially questions we ask them is:“Are yousure?”


Hardware virtualization—includingIntel"s Virtualization Technology (VT-x and VT-d),Armv8-A Virtualization Support,andPowerPC"s E.HV Functionality—has actually made its method dvery own from high-end server course processors to low-power, low-price chips, bringing via it fine-grained partitioning and also timing control benefits well suited for installed use.These breakthroughs are necessary to understand bereason they have actually made specific operating device (OS) capabilities redundant.

At its significance, hardware virtualization allows parallel arbitration of CPU resources, such that multiple software actors in a system deserve to directly manage parts of the CPU. Prior to virtualization, it was the obligation of an RTOS kernel to solely arbitrate CPU sources for maintaining platcreate integrity, but this is no much longer the situation. When the standard responsibility of an RTOS is redundant to native hardware aided capabilities, the hope is that RTOS vendors carry out the hard work of adapting and also evolving in addition to the hardware, as opposed to preserving old RTOS designs. Because of this, if vendors take on hardware virtualization to assistance embedded real-time style goals—which we highly recommend—is it proper to call the platdevelop software program an RTOS? We do not think so.


New hardware capabilities current new approaches for platdevelop software to minimize stack intricacy, conquer performance thresholds, and administer much better application portcapacity properties. The following architectural properties should be interpreted in order to find whether you are absent out on extensive platdevelop benefits that your RTOS does not have:

The Benefits of Distributed vs. Centralized DesignHeterogeneous CompositionThe Principle of Leastern PrivilegeOpen SystemsSystem Comprehensibility vs. Proprietary APIs


Prior to virtualization, operating devices (OSes) forced a central Client-Server model of actions, wherein each user application is a client to an OS server that arbitrates the usage of physical resources (see Figure 1, below).


Figure 1- Centralized ClientApplication-to-Server OS Behavior Model

This design (above) is no longer crucial.With hardware arbitration,software advance and runtime devices deserve to now targain spread behavior models in location of the Client-Server version, wright here each application would runs autonomously against hardware.The distributed model (below)instantly reduces the require tocontext switch, copy, or share data—unlockinghigher performance thresholds, better timing manage, and boosted modular properties such as fast advancement & testing, component reusage, and style refactoring.


Figure 2- Distributed Application-to-Hardware Behavior Model


Designing for reusage is an investment for future projects.Once you have actually thrived in dividing your device right into autonomous, spread components, you then have actually more choices for structure those components making use of differenttoolchains. While this might cause a more complex advancement toolset, it deserve to yield considerable savings as soon as reutilizing mature, tested software application components.

Consider a design requiring tradition capabilities to be augmented. Rather than retro-fitting heritage components to encompass the desired capabilities, the most reliable technique is to reuse the use that is prstove and to connect that usability to therequired augmented components.


Leastern Privilegestyle is a need to for interassociated systems; not having actually it is choose driving without a seat-belt. At its significance, Least Privilege means that every piece of software program running in your style should be operating with only the privileges compelled to perdevelop its function.Hardware virtualization makes leastern privilege design a a lot less complicated goal to accomplish than relying on a software application kernel police application privilege.

In the early on days ofmicrokernelstyle, applications, chauffeurs, and also the kernel were delicately separation into sepaprice contexts—forcing a facility composition that necessary to be closely interconnected and schedubrought about gain decent performance. With hardware virtualization, applications, chauffeurs, and also OS kernels execute not should be separated to limit CPU privilege escalation.

For example, if an application that"s just came to with netjob-related interactions, then it have to not have access to the GPU, USB, serial ports, and so on In the spread model (above), you can ensure that each autonomous software component only has actually visibility of the resources it needs and—in contrast to the central operating device model—you have the right to enforce this accessibility manage in hardware at boot time, avoiding any component from approving brand-new accessibility civil liberties at runtime.

There are 2 major benefits to this approach:

Without knowledge of a provided resource, an OS will not dynamically fill vehicle drivers that are not compelled for your use case, minimizing the code that"s running on your systemRerelocating the ability for any software program to modify accessibility legal rights at runtime is crucial to eliminating the possibility of attackers gaining privilege escalation and approving themselves new access rights

In order to follow Leastern Privilege principles, it is imperative that you deserve to trust that your platform tools execute not approve any accessibility rights to any type of resource; unless you, the developer, clearly enable them. (For an instance of a Leastern Privilege Architecture implemented in an automotive design, discover Automotive Demopresented at Arm TechCon 2019.)


The essence of “open” systems is low price portcapacity and also component reuse. Moving from a centralized to distributed system style removes a not-so-apparent technological barrier to achieving these purposes. In the centralized Client-Server OS design,applications rely heavily on whatever before happens "under the hood" within the operating system. These underlying behavior semantics deserve to differ in between versions of an OS APIimplementation.Even when API description versions are compatible with otherplatforms,the resolution of semantics compatibility,license expense, and also work-related necessaryto assemble the application on a brand-new platform will many most likely be cost-prohibitive.

When applications are aligned with their dependencies as finish imeras, porting in between platforms becomes a lot much less of a technical challenge—a difficulty that deserve to exceptionally much advantage the vendor.A distributed architecturecan give customers higher flexibility and adaptability for requesting and also utilizingintegration toolsfor 3rd party compiled components.Additionally,givingapplication developers the visibility andcontroltobuild and also regulate their whole application dependenciesthemselvesoffers developers via better flexibility to filter out unessential complexity and an enhanced ability to define precise device execution actions.


The initiative required to follow software application code and also understand also its feature at the hardware level is recognized ascomprehensibility.A main concernof the central Client-Server design of theRTOSis that eexceptionally job or application is forced to sit at the same level of abstraction (the device API).This API hides the underlying complexities of the OS which might bebasic feature calls into libraries (finest case),orcountless system calls and also context switches (worst case).


On the confront of it, this included intricacy can be seen as a worthwhile trade-off for a simplified API and added use.However before, in order to debug software and also understand also what is happening ‘under the hood’, the developer regularly requirements to understand also (and maintain) a complicated internet of system calls and conmessage switches.


Partitioning is the the majority of important capability for preserving platdevelop integrity.Safety RTOSes have touted the benefits of time and also room partitioning for years, yet a closer look into implementations mirrors room for innovation in terms of intricacy reduction and partitioning attributes.

Simpler partitioning suggests more powerful partitioning. Completely removing responsibility of partitioning from an OS kernel (which offers both software application and also hardware) and also instead utilizing the hardware exclusively gives a better stamina of attribute and is a much easier system to verify for certification.

More partitioning implies more powerful partitioning. Looking closer,RTOSes commonly only partition job deal with spaces and also create cyclic windows of execution time for jobs or task groups. Tbelow is a riches of partitioning functions developed right into hardware virtualization thatRTOSesoftenneglect,such as straight memory accessibility (DMA) channel partitioning,cache partitioningusingcache alarea innovation (CAT), interrupt masking, instruction setappointments,etc.


The chief technical goal of an RTOS is to regulate determinism,which is primarilyachieved through a scheduler.Deterministicschedulers generally implementpriority-preemptiveor periodic tasking models. Both viewpoints confront considerable technological difficulties on modern-day multi-core microprocessors once orchestrating race conditions, coherency, reresource contention, andtimer & asynchronousinterrupts across all CPU cores.

As CPU core and also peripheralcounts increase, sododisruption and software program complexity.The the majority of apparent means to reign in determinism on multi-core devices is to simplify the atmospheres that need deterministic behavior by isolating hardware interference.Usinghardware-basedpartitioning capabilitiesallowsbasic traditional scheduling techniquesto execute as intended.


Having developed and supported RTOSes for even more than 30 years, we see several common reasons that building contractors of embedded units think about purchasing a commercial RTOS. Here are our responses to some of the most widespread concerns we receive around RTOS recommendations:

"I need real-time response..."

So perform you constantly need an RTOS? No. Tbelow are elegant means to attain the promises in your demands that may not require the complexity of an RTOS.

"I"m developing a certified system..."

So perform you always require an RTOS? No. Hybrid designs deserve to be certified and also sustained through aheterogeneous, multi-core safety- and also security-partitioning frame.

"I require multi-tasking..."

So execute you constantly need an RTOS? No. If versatility and control of job scheduling are vital, then an RTOS may be an excellent option, but it may be likewise overkill—a super-loop, interrupts, a straightforward scheduler, or Linux may be more correct.

"I want my software to be portable to other platforms in future..."

"Tool vendors advertise a organize of software program bundled via their solution..."

So carry out you constantly need an RTOS? No. The benefits of bundled software really depfinish on the intricacy of the software application you desire to leverage. Something complex prefer a netjob-related stack (that"s likely to carry out many background work) could warrant an RTOS on a maker that cannot run Linux, but otherwise it is finest to initially decide that an RTOS is the ideal choice for your project,thenpick one that bundles the software application you need.

"I do not want to write hardware bootstrap code..."

So perform you always need an RTOS? No. There are other ways toreduce the cost and initiative forced to achieve a BSP.

"I have actually tradition deindications that I want to augment with new use..."

So carry out you always need an RTOS? No. If you have tradition code built versus a proprietary API, then it could not be worth the price to port it to an RTOS via a traditional API for the sake of future-proofing. The style deserve to often be incorporated as a bare-steel binary via aheterogeneous, multi-core safety- and also security-partitioning framework.

"I want to have the ability to debug my application..."

So carry out you constantly need an RTOS? No.Never usage tool assistance as the reason for making use of an RTOS. The tools are often included bereason the complexities of the RTOS need complex trace and debug tools; rerelocating the RTOS simplifies the devices you should understand also the behavior of your software application.


Not every embedded software application system style requires a real-time operating system, and also among the greatest mistakes we see developers make is incorrectly assuming an RTOS is required. Too often, havingliked a commercial RTOS, contractors of embedded units find themselves locked-in to a vendor"s proprietary APIs while discovering that their style options have been constrained by a minimal set of devices. Given that many kind of of the benefits our customers obtain out of our RTOSes are not solely RTOS benefits, we constantly consult with them first, looking to minimize advancement price, intricacy, and also style dangers.Generally, themany optimal options become hybrid designs (for a compariboy of 2 unique deindications for avionics units, watch the System A vs. System B percent of ourAvionics page).


Modern software application systems can be modeled as simplercompositionsof dispersed attributes as opposed to a arsenal of client applications dependent on a monolithic server. This enables you to develop and describe your platdevelop softwarebya set of attributes, rather than by a singular platform that assumes a superset of opaque functions.

See more: Which Of The Following Best Describes Why A Firm Produces Financial Statements?

Our conversations with customers are commonly less around comparing our commodities to other RTOSes and also even more about resolving prevalent design challenges such as:

You have a perfectly excellent functioning system that runs on an RTOS that you would certainly like to reusage, yet you would certainly favor to include new protection functions that the RTOS does not supportYou need real-time scheduling for some tasks that were built on a general-purpose OSYou have proprietary schedulers from microcontrollers you would certainly choose port to a microprocessorYour application architecture is so basic that relocating to an RTOS would certainly pose complexity overkillYour application is so bleeding edge that relocating to an RTOS would certainly require substantial rejob-related to satisfy comparable throughput purposes checked out on Linux

Our advice in all of these instances is:

Reusage as a lot as you canSimplify your design as much as possibleChoose the the majority of cost-effective components and also tool chain for functional style gaps



Figure 3- MOSA.ic Modular Advancement Framework

To learn more about how to efficiently realize modular, dispersed software application architectures, view MOSA.ic™ integration frameworkorGet Startednow and tell us about your project. We would certainly be happy to schedule a whiteboarding session with you to discover the many optimal remedies to your difficulties.